The government has set about a plan that will emphasize the makers of smart devices to inform their customers upfront on the product guarantee for receiving vital security updates.
Consumer Protection Measures
This is a step to protect customers and people from the ongoing threat of cyber attacks on various devices such as phones and speakers.
The government produced recent figures that showcased a 49% figure of UK residents purchasing smart devices following the pandemic surge in 2020. Products such as smartwatches, cameras and TVs were high on the list of purchases for consumers but also presented a vulnerability to cyber attackers, with as little as one device providing a user network risk.
Establishing the Law
In the wake of this knowledge, the UK government has acted to establish a law to counter the threat by ensuring all devices meet certain requirements. When purchasing these items, the seller will be required to inform the buyer of the duration of time that security updates will be receivable, as well as providing a public point of contact to deal with any issues of vulnerability to a buyer. On top of this, manufacturers will be banned from using universal default passwords in default factory settings such as ‘password’ or ‘admin’.
Smartphones are a prime product to be put under the microscope of the planned Secure By Design legislation, with the government responding to the call for action on smart device cybersecurity. Following research conducted by a consumer group, it was revealed that a third of users kept hold of phones for up to 4 years whilst the security updates were only offered for a little over 2.
Whilst this course of action is high on the government priority list, the call for people to use National Cyber Security Centre guidance on changing default passwords as well as updating their apps and their software is still being pushed as a protective measure that all should adhere to.
The government on the Firm Steps
The government’s step up towards forcing tech firms to be upfront with customers about their device security support is about the protection of users from unknowingly being open to cyber attacks due to outdated security. To aid this, the government also stepped up to help develop the first major international standard for consumer device cybersecurity to aid manufacturers in their efforts to protect their customers from cyber crimes and hacks.
With the advanced use of smart technology in a year, many consumers have unwittingly provided a gold mine for attackers through multiple devices bought over the last year. Whilst steps with manufacturers to improve security practices are rising, they are not yet up to the level they need to be.
The government intends to introduce this legislation as soon as parliamentary time permits.